On May 3, 2011, at 8:42 AM, Roger Goh wrote:
1 more question:
if there's a way to disable EHLO or fixing it via a patch,
how do I verify (without running VA scan) that this EHLO
vulnerability has been fixed?
What vulnerability?! Who doesn't use EHLO?!?!
Perhaps you should use a
On May 3, 2011, at 8:49 AM, Reindl Harald wrote:Am 03.05.2011 17:34, schrieb Roger Goh:Hi,During a VA scan, it's reported that my postfix server hasa security vulnerability : EhloCheck: SMTP daemon supports EHLOwhere exactly is the security hole?you should not trust the output of every tool blind